Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/f861f2-bf83-4241-bb6a-aefd80872532/1/mRoMAk-fymKqXz6OxYop1gE9v2w.roa
File: mRoMAk-fymKqXz6OxYop1gE9v2w.roa (raw, json)
Hash identifier: YVMB/jymaDkUyNLSNF1JHOQWDEOK+3W0ouVOjoIpvIw=
Subject key identifier: 99:1A:0C:02:4F:9F:CA:62:AA:5F:3E:8E:C5:8A:29:D6:01:3D:BF:6C
Certificate issuer: /CN=71071c85a3482958f87f032b6463198c7fd9eb07
Certificate serial: 018CC86F5B71B09538D91AAFE16D50E3D5E6
Authority key identifier: 71:07:1C:85:A3:48:29:58:F8:7F:03:2B:64:63:19:8C:7F:D9:EB:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cQcchaNIKVj4fwMrZGMZjH_Z6wc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/f861f2-bf83-4241-bb6a-aefd80872532/1/mRoMAk-fymKqXz6OxYop1gE9v2w.roa
Signing time: Tue 02 Jan 2024 04:29:50 +0000
ROA not before: Tue 02 Jan 2024 04:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212285
IP address blocks: 91.243.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:5b:71:b0:95:38:d9:1a:af:e1:6d:50:e3:d5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71071c85a3482958f87f032b6463198c7fd9eb07
Validity
Not Before: Jan 2 04:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=991a0c024f9fca62aa5f3e8ec58a29d6013dbf6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4d:cc:e4:91:bb:73:f7:ff:86:e9:7c:d9:af:
0c:08:4b:ee:51:0e:23:5c:55:6c:d6:1c:c3:74:46:
79:70:dc:ce:d5:b5:05:8a:8a:d8:6f:e9:e7:b1:4e:
31:ef:4f:0b:c8:ce:dc:48:a3:e4:24:bf:90:aa:48:
34:c3:82:ff:d9:92:31:d1:e7:d8:1e:40:6c:0f:17:
19:fe:a2:a6:3e:40:d6:c2:63:ea:ec:4f:bc:83:e5:
2b:d0:8d:b4:e6:1c:28:f0:47:aa:15:ae:31:e8:e1:
5b:2d:87:02:73:9c:4a:41:a7:1f:65:81:4a:ab:43:
a9:07:98:da:68:77:16:69:8c:b6:95:7b:3c:1a:93:
c8:01:65:22:3a:85:3a:ab:2a:7d:65:9e:67:d6:7f:
b8:07:51:8d:cd:3a:f6:fd:a5:05:92:a9:6b:f2:83:
72:47:cf:89:2e:fc:3e:a3:b3:ff:50:b5:64:cb:7e:
74:7f:b9:41:dd:81:11:e4:30:0c:b1:73:5d:16:70:
73:a8:1f:fc:45:8a:21:0e:b8:08:e7:33:3d:09:76:
1b:70:92:42:cb:dc:0a:27:db:2e:00:44:ba:9b:27:
27:52:f4:d1:86:47:48:89:f7:30:0b:4b:09:f8:fc:
a0:c6:66:59:11:01:9d:7a:45:8c:ee:97:64:90:31:
31:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:1A:0C:02:4F:9F:CA:62:AA:5F:3E:8E:C5:8A:29:D6:01:3D:BF:6C
X509v3 Authority Key Identifier:
keyid:71:07:1C:85:A3:48:29:58:F8:7F:03:2B:64:63:19:8C:7F:D9:EB:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cQcchaNIKVj4fwMrZGMZjH_Z6wc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/f861f2-bf83-4241-bb6a-aefd80872532/1/mRoMAk-fymKqXz6OxYop1gE9v2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/f861f2-bf83-4241-bb6a-aefd80872532/1/cQcchaNIKVj4fwMrZGMZjH_Z6wc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.116.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:5a:ce:4e:ed:b7:c9:0d:c2:4a:34:0d:45:dc:2e:9f:79:b3:
94:ae:61:d3:01:4e:01:28:48:68:c1:bb:f0:c5:82:d6:39:e2:
53:ee:ab:68:5b:06:13:c4:be:87:67:7f:51:eb:4f:67:41:ee:
71:27:cf:1b:a4:ac:de:fe:ef:bc:cc:43:1e:3a:dd:49:69:20:
25:c3:50:ce:07:63:e6:44:af:5a:27:8a:7a:ae:23:4b:02:10:
38:96:1b:37:f0:fc:8c:f6:49:c8:6e:2e:a7:d7:ab:aa:ba:5a:
5f:d6:a0:ac:c2:88:08:27:01:fc:aa:c4:2d:cb:58:5f:c7:dd:
4b:00:a9:19:68:c8:e5:bb:96:57:de:9a:14:ba:b0:90:a4:74:
91:c1:a4:af:92:35:c8:b1:0c:90:1e:4b:a2:82:9c:7c:2b:58:
ea:c1:13:49:18:fb:a7:05:b3:8e:e9:58:6c:f3:43:9b:fe:81:
95:24:67:7c:a5:fe:43:37:3e:5d:0f:0c:2a:f3:72:e7:4e:69:
6b:8f:fd:a1:fc:26:43:e2:f6:31:d1:a2:1c:25:37:5f:84:37:
5a:e5:00:69:46:60:62:f1:eb:44:38:cf:04:1c:04:c9:06:aa:
ba:03:ba:f4:64:a8:da:fa:cb:63:98:3f:95:4e:8f:b4:fb:2d:
56:2b:a0:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb1txsJU42Rqv4W1Q49XmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMDcxYzg1YTM0ODI5NThmODdmMDMyYjY0NjMxOThjN2Zk
OWViMDcwHhcNMjQwMTAyMDQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTFhMGMwMjRmOWZjYTYyYWE1ZjNlOGVjNThhMjlkNjAxM2RiZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl03M5JG7c/f/hul82a8MCEvuUQ4j
XFVs1hzDdEZ5cNzO1bUFiorYb+nnsU4x708LyM7cSKPkJL+Qqkg0w4L/2ZIx0efY
HkBsDxcZ/qKmPkDWwmPq7E+8g+Ur0I205hwo8EeqFa4x6OFbLYcCc5xKQacfZYFK
q0OpB5jaaHcWaYy2lXs8GpPIAWUiOoU6qyp9ZZ5n1n+4B1GNzTr2/aUFkqlr8oNy
R8+JLvw+o7P/ULVky350f7lB3YER5DAMsXNdFnBzqB/8RYohDrgI5zM9CXYbcJJC
y9wKJ9suAES6mycnUvTRhkdIifcwC0sJ+PygxmZZEQGdekWM7pdkkDExVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJkaDAJPn8piql8+jsWKKdYBPb9sMB8GA1UdIwQY
MBaAFHEHHIWjSClY+H8DK2RjGYx/2esHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1FjY2hhTklLVmo0ZndNclpHTVpqSF9aNndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9mODYxZjItYmY4My00MjQxLWJiNmEt
YWVmZDgwODcyNTMyLzEvbVJvTUFrLWZ5bUtxWHo2T3hZb3AxZ0U5djJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9mODYxZjItYmY4My00MjQxLWJiNmEtYWVmZDgwODcyNTMy
LzEvY1FjY2hhTklLVmo0ZndNclpHTVpqSF9aNndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/N0MA0G
CSqGSIb3DQEBCwUAA4IBAQCMWs5O7bfJDcJKNA1F3C6febOUrmHTAU4BKEhowbvw
xYLWOeJT7qtoWwYTxL6HZ39R609nQe5xJ88bpKze/u+8zEMeOt1JaSAlw1DOB2Pm
RK9aJ4p6riNLAhA4lhs38PyM9knIbi6n16uqulpf1qCswogIJwH8qsQty1hfx91L
AKkZaMjlu5ZX3poUurCQpHSRwaSvkjXIsQyQHkuigpx8K1jqwRNJGPunBbOO6Vhs
80Ob/oGVJGd8pf5DNz5dDwwq83LnTmlrj/2h/CZD4vYx0aIcJTdfhDda5QBpRmBi
8etEOM8EHATJBqq6A7r0ZKja+stjmD+VTo+0+y1WK6Cc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:19 2025 by rpki-client